Sign in to follow this  
Followers 0
SleepyXtreme

Please Help me !

15 posts in this topic

#1 ·  Posted (edited)

So i got this really bad spam virus and i don't know how to get rid of it.

basically what it does is it has a pop up window that doesn't have a tasbar slot. it's just a floating window with ads in it.

I tried every single program to get rid of it and they don't work.

Now i'm trying to use autoit to maybe find out where it's coming from.

All the info i got is that its class is TN_BROWSER

anyone know what this means?

EDIT: OMFG, I USED GETPROCESS AND WHATNOT TO SEE WHERE IT'S COMING FROM AND IT SAYS EXPLORER.EXE! I'M SO SCREWED :) anyone know how i further investigate?

Edited by SleepyXtreme

Share this post


Link to post
Share on other sites



Well, just because it says explorer.exe doesn't necessarily mean it is the explorer.exe I've seen viruses that have the process name explorer.exe I suppose you could try any of the above software links.


The below statement is False.The above statement is True.a lesson I learned from Greenmachine; give a man a code and he'll solve one problem. Teach a man to code and he'll solve all his problems.P.S please don't use autoIt as a virus creator/spyware maker(keyLogger especially)Cick this and help me[center]My Scripts:[/center][center]Port Scanner[/center]

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

anyone know how i further investigate?

Format C: :)

Don't worry that it show's something with Explorer.exe. Normally you can repair everything with your Windows-Installation-CD.

Do you have an updated Scanner?

Edited by Lynix

Share this post


Link to post
Share on other sites

use a program called, Hijackthis to create a log of your pc. Submit this log to any of the many free hijackthis forums out there for further assistance

Share this post


Link to post
Share on other sites

Kaspersky Anti-Virus ---> The best one.

Share this post


Link to post
Share on other sites

I've used all of those, it's not detecting it.

Best program there is is hitman pro. it an autoit lover's dream for virus scanning. it goes through 3 or 4 scanners. it downloads, installs, and scans and fixes.

Share this post


Link to post
Share on other sites

hitmanpro is one of the better AutoIt demonstrations..

(written completely in AutoIt.)


Share this post


Link to post
Share on other sites

If those don't work you could get process viewer. And then see if explorer.exe is running twice. And then get the source of the fake explorer.exe and fix it manually.

Share this post


Link to post
Share on other sites

SytemInternals ProcessExplorer..

At least with it you can actually close handles from threads that are running..

This way you can hopefully terminate the entry point and rectify the problem while the system is running.

What OS are you running?

If it's NT based is your user account a primary built in admin account? (not good if so)

Booted into safe mode to run your scans?

Have you compared your explorer.exe against a verified explorer.exe for path, version, crc, signature.. etc?

If your using XP have you got SFC on or off , Using System restore (hope not)?

.....

Share this post


Link to post
Share on other sites

PM me with all the info you have, and I will help you clean it. I do stuff like this all the time for folks.

I will need the log when you run hijackthis. include it as a attachment.

Also, what OS are you running? You may be able to run a System restore unless the infection has trashed the restore folder.

Share this post


Link to post
Share on other sites

@Volly, I already tried to get him to submit a hijackthis log, and he didn't do it. I use the same method for virus removal for other people.

Share this post


Link to post
Share on other sites

Sorry, i work at night so i only get to look at the forums when i get home.

I'll pm you the results volly :).

also, i'm on xp pro

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0